TWText.com
#DFIR
Jessica Hyde
B1N2H3X
Some thoughts on something else I love about our #DFIR community - a thread 1/x Had an amazing conversation with @hexplates today both on and off of #CacheUp - and
Craig H. Rowland
CraigHRowland
The best detection method for finding Linux intruders is hunting for tactics they use, not binary signatures of their tools. #DFIR When new exploit tools drop, I recommend you basically
Doppelvizsla
doppelvizsla
So, I've now seen this in two different places. Count me very skeptical, based on a look at the data that is circulating on pastebin. Thread time. 1/? It's
Christopher Glyer
cglyer
We've all received emails with no attachment and assume it's "safe" to open in a mail client (as long as we don't explicitly click on any URLs). Right? Not so much...
Taz Wake
tazwake
Just a reminder, if you are dealing with a security incident you really can't rush it. IR can take time. If you rush, you'll get it wrong. Everyone gets stressed
Phill Moore
phillmoore
I said a few weeks ago that it's going to be a struggle to keep up with everything going on in #DFIR. Haven't been wrong yet. Lots of people starting
Azeria
Fox0x01
Next time you try to hack me and break into devices and accounts of mine, learn to cover your tracks. You messed with the wrong fox, dude.. Or should I say
Taz Wake
tazwake
Yesterday @UK_Daniel_Card started a good thread about the role of the CISO in organisations. It got me thinking about a few things. First, is "security" a respected profession in a meaningful
Marley
mkr_ultra
Fuck it, security engineering teams as D&D classes: First, and most importantly because it's what *I* do, SecOps are your paladin tanks. They have to be burly enough to do
File411
File411
https://twitter.com/briankrebs/status/1321550140474331136 Listen to me - this is CRITICAL Ryuk Ransomware “..deployed as a payload from banking Trojans such as Trickbot. Ryuk first appeared in Aug 2018 as a derivative of Hermes 2.1